Beispiel #1
/*
 * Test-runner entry point: registers the reauthorize and pamreauth test
 * cases, then hands the command line to re_test_run () and returns its
 * result.
 */
int
main (int argc,
      char *argv[])
{
  int idx;

  /* Install test_logger as the reauthorize log callback before any test runs */
  reauthorize_logger (test_logger, 0);

  re_fixture (setup, teardown);

  /*
   * Each fixture table is walked until an entry whose challenge is NULL;
   * the challenge string doubles as the last component of the test path.
   */
  idx = 0;
  while (type_fixtures[idx].challenge != NULL)
    {
      re_testx (test_type, &type_fixtures[idx],
                "/reauthorize/type/%s", type_fixtures[idx].challenge);
      idx++;
    }

  idx = 0;
  while (user_fixtures[idx].challenge != NULL)
    {
      re_testx (test_user, &user_fixtures[idx],
                "/reauthorize/user/%s", user_fixtures[idx].challenge);
      idx++;
    }

  idx = 0;
  while (crypt1_fixtures[idx].challenge != NULL)
    {
      re_testx (test_crypt1, &crypt1_fixtures[idx],
                "/reauthorize/crypt1/%s", crypt1_fixtures[idx].challenge);
      idx++;
    }

  /* Fixture-less PAM reauthorization cases */
  re_test (test_password_success, "/pamreauth/password-success");
  re_test (test_password_bad, "/pamreauth/password-bad");
  re_test (test_password_no_prepare, "/pamreauth/password-no-prepare");
  re_test (test_password_bad_secret, "/pamreauth/password-bad-secret");

  return re_test_run (argc, argv);
}
Beispiel #2
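/*
 * Setuid-root reauthorization helper.
 *
 * Invocation: exactly one argument, the cookie that is later handed to
 * send_dbus_message ().  The real uid of the caller selects the account
 * to reauthorize; root itself is refused.
 *
 * Protocol: each challenge produced by reauthorize_perform () is written
 * to stdout followed by a newline, and one line is read back from stdin
 * as the response, until reauthorize_perform () returns something other
 * than REAUTHORIZE_CONTINUE.
 *
 * Exit status: 1 or 2 on setup errors (via err/errx), 1 when
 * send_dbus_message () fails after REAUTHORIZE_YES, 0 otherwise.
 *
 * NOTE(review): exit status 0 is also returned when reauthorization was
 * denied or the stdout write failed; the positive result appears to be
 * conveyed only through send_dbus_message () -- confirm that no caller
 * treats a zero exit status as "authorized".
 */
int
main (int argc, char *argv[])
{
  struct passwd *pwd;
  const char *cookie;
  const char *response;
  size_t maxlen = 8192;
  char *buffer;
  char *challenge;
  volatile char *wipe;
  size_t len;
  uid_t uid;
  int res;
  int errn;

  /* A closed stdout must surface as EPIPE on write, not kill the process */
  signal (SIGPIPE, SIG_IGN);

  /* Running setuid: drop everything inherited from the unprivileged caller */
  if (clearenv () != 0)
    errx (1, "couldn't clear environment");

  /*
   * Set a minimal environment.  The result is checked: if this failed
   * silently the privileged process would continue without the fixed PATH.
   */
  if (setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1) != 0)
    err (1, "couldn't set environment");

  /* check that we are setuid root */
  if (geteuid () != 0)
    errx (2, "needs to be setuid root");

  /* The real uid identifies the invoking user; never reauthorize root */
  uid = getuid ();
  if (uid == 0)
    errx (2, "refusing to reauthorize root");

  /* check for correct invocation */
  if (argc != 2)
    errx (2, "bad arguments");

  cookie = argv[1];

  buffer = malloc (maxlen);
  if (buffer == NULL)
    errx (1, "cannot allocate memory for buffer");

  pwd = getpwuid (uid);
  if (pwd == NULL)
    err (1, "couldn't lookup user");
  /* Do not trust the lookup blindly: the entry must be for the uid we asked about */
  if (pwd->pw_uid != uid)
    errx (1, "invalid user returned from lookup");

  reauthorize_logger (on_reauthorize_log, 0);

  /* The first round has no response yet */
  response = NULL;
  for (;;)
    {
      challenge = NULL;
      res = reauthorize_perform (pwd->pw_name, response, &challenge);
      response = NULL;

      if (res != REAUTHORIZE_CONTINUE)
        break;

      /* fputs () on a NULL pointer is undefined; treat a missing challenge as failure */
      if (challenge == NULL)
        {
          warnx ("no challenge returned");
          res = -1;
          break;
        }

      /* errno is saved after every stdio call so the failing step's error is reported */
      fputs (challenge, stdout);
      errn = errno;
      free (challenge);

      if (!ferror (stdout))
        {
          fputc ('\n', stdout);
          errn = errno;

          if (!ferror (stdout))
            {
              fflush (stdout);
              errn = errno;
            }
        }

      if (ferror (stdout))
        {
          /* EPIPE just means the peer went away; stay quiet about it */
          if (errn != EPIPE)
            warnx ("couldn't write to stdout: %s", strerror (errn));
          res = -1;
          break;
        }

      /*
       * EOF or a read error is passed on as an empty response.
       * NOTE(review): a line longer than maxlen - 1 bytes is truncated and
       * the remainder is left in stdin, where it would be read as the next
       * response.
       */
      if (!fgets (buffer, maxlen, stdin))
        buffer[0] = '\0';

      /* Remove trailing new line */
      len = strlen (buffer);
      if (len > 0 && buffer[len - 1] == '\n')
        buffer[len - 1] = '\0';

      response = buffer;
    }

  /*
   * The buffer still holds the last response, which presumably carries
   * credential-derived material.  Clear it through a volatile pointer so
   * the stores are not optimized away ahead of free ().
   */
  wipe = buffer;
  for (len = 0; len < maxlen; len++)
    wipe[len] = '\0';
  free (buffer);

  if (res == REAUTHORIZE_YES)
    {
      if (!send_dbus_message (cookie, uid))
        return 1;
    }

  return 0;
}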